Re: Triggering the website to send Spam

From: john bray <jmblin comcast net>

To: fedora-list <fedora-list redhat com>

Subject: Re: Triggering the website to send Spam

Date: Sat, 18 Dec 2004 13:13:58 -0600

On Sat, 2004-12-18 at 10:22 -0600, Gustavo Seabra wrote:
> Nifty Hat Mitch wrote:
>
> >For goodness sake do not open HTML rich spam. They hide a little
> >image that you cannot see. That hidden URL validates your address
> >and that you 'looked'.
> >
> That's interesting... I've never heard about it before. Where can we learn more about this?
>
> >YOU WILL DOUBLE or TRIPPLE your incoming spam if you look even !ONCE!,
> >at this type of html junk mail. Use a text only view of mail for all
> >messages. Use your HTML tools for messages from trusted senders.
> >
> >
> Does just disabling images in email work to stop this?
>
> >I have noted that some of the posters here (unknowingly I believe)
> >post from accounts that tag a hidden tracking image/URL in all mail.
> >It is hidden in the signature of all their Multi-part MIME messages,
> >even when they send text in the body.
> >
> >
> Is there any way to see this in thunderbird, for example? Or is it
> something you can only notice with a text-only program?
>
webbugs are one way they get you -- an invisible, often 1x1 pixel,
image. but, often real images are set that way too.
the image is actually a url pointing to their web site. in the name of
the image is a serial number of some sort which is in their database
linked to the address to which they sent the email. if your mail
program fetches that image, their server marks the db for that serial
number as a live address. thus they've got you.
you can avoid the problem only by not fetching the image from their
server. in most mail programs, if its not deliberately disabled, just
the preview window will, of course, fetch the image for you to preview
the mail. and at that point you've been had.
so, if you turn off image display in your MDA, AND, if that means that
it doesn't fetch the image, you're ok.
one might note that many links in html mail are set up with serial
numbers as well, so if you ever click on one of them, you're marked for
spam.
i have set up most of my windows clients with mailwasher, which lets one
safely look at spam and delete it on the mail server before the mail
program even gets to it. most of my clients report a major drop in spam
within a week of starting to use mailwasher, so i guess the spam email
address databases must be very short lived.
john